danzin<p>Posted a topic about lafleur, the CPython JIT fuzzer I'm developing: <a href="https://discuss.python.org/t/introducing-lafleur-a-cpython-jit-fuzzer/103452" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discuss.python.org/t/introduci</span><span class="invisible">ng-lafleur-a-cpython-jit-fuzzer/103452</span></a></p><p>It has many details about the project, the results (4 JIT crashes so far), calls for help and ideas for the future.</p><p>If any of this interests you, please give a read. Boosts welcome :)</p><p><a href="https://mastodon.social/tags/lafleur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lafleur</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a> <a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/JIT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JIT</span></a></p>
mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.
Administered by:
Server stats:
8.1Kactive users
mastodon.world: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.3
#fuzzer
0 posts · 0 participants · 0 posts today
danzin<p>Preparing a post about lafleur, the CPython JIT fuzzer I develop.</p><p>It has found 4 JIT crashes so far:<br>#136996: "JIT: `executor->vm_data.valid` assertion failure in `unlink_executor`".<br>#137007: "JIT: assertion failure in _PyObject_GC_UNTRACK".<br>#137728: "Assertion failure or `SystemError` in `_PyEval_EvalFrameDefault` in a JIT build".<br>#137762: "Assertion failure in `optimize_uops` in a JIT build".</p><p>Contributions welcome!</p><p><a href="https://github.com/search?q=repo%3Apython%2Fcpython+lafleur&type=issues" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/search?q=repo%3Apyt</span><span class="invisible">hon%2Fcpython+lafleur&type=issues</span></a></p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/lafleur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lafleur</span></a> <a href="https://mastodon.social/tags/JIT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JIT</span></a></p>
danzin<p>Here's how lafleur works:</p><p>Starts from a corpus of seed files (generated by fusi)l. It runs each file and parses the JIT debug output to record micro ops (UOPs) and edges between them.</p><p>Then it applies mutations to these files and when a mutation results in a new UOP or edge, it adds the mutated file to the corpus.</p><p>All the while, it monitors the execution of these files for crashes.</p><p>And it's smart about which file to mutate next.</p><p>Simple, eh?</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a> <a href="https://mastodon.social/tags/lafleur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lafleur</span></a></p>
danzin<p>One obvious thing from fuzzing the CPython JIT with the lafleur fuzzer is that finding crashes is much lower probability than fuzzing CPython with fusil.</p><p>Whenever fusil found a crash, it would find hits for it again and again pretty quickly.</p><p>With lafleur, we only got 3 hits (2 issues) in thousands of fuzzing hours.</p><p>I'm throwing more compute at it, but maybe we'll need to improve the core ideas to get better results.</p><p><a href="https://github.com/devdanzin/lafleur" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/devdanzin/lafleur</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a> <a href="https://mastodon.social/tags/lafleur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lafleur</span></a></p>
danzin<p>Reviewed the 3 PRs we got for lafleur: <a href="https://github.com/devdanzin/lafleur/pulls?q=is%3Apr" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/devdanzin/lafleur/p</span><span class="invisible">ulls?q=is%3Apr</span></a></p><p>All 3 marked as "good first issue". They've clear signs of being created by or with help from AI, like tentative code ("# do this in case... ") and removing docstrings. </p><p>Merged one and gave feedback on 2, including tips on how to get AI to fix their issues.</p><p>I might get unfollows for this, but I welcome AI generated code as long as it's good enough. In fact, AI made this project viable.</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a> <a href="https://mastodon.social/tags/lafleur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lafleur</span></a> <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a></p>
danzin<p>Busy day, good day: the new CPython fuzzer lafleur found its first 2 crashes this morning! </p><p>Happiness only marred by the bad job I did reducing the testcases and making the reports reproducible. Thanks Brandt Bucher and and Ken Jin for the patience! Next bug reports will be more polished and reliable.</p><p>Also, we got 3 new PRs for the fuzzer but I didn't have time to review them, will have to leave that for tomorrow.</p><p><a href="https://github.com/devdanzin/lafleur/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/devdanzin/lafleur/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a> <a href="https://mastodon.social/tags/lafleur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lafleur</span></a></p>
danzin<p>Launching a new project on a Sunday night: lafleur, a CPython JIT fuzzer.</p><p><a href="https://github.com/devdanzin/lafleur" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/devdanzin/lafleur</span><span class="invisible"></span></a></p><p>It's a feedback driven fuzzer (using JIT debug output) with corpus prioritization and JIT-targeted AST-based mutations. Calling it "evolutionary" may be a stretch, but sounds good.</p><p>It's also a fuzzer that so far hasn't found any crashes or bugs. Still working on that ;)</p><p>If you want to understand how it works, there is a good amount of docs.</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/lafleur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lafleur</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a> <a href="https://mastodon.social/tags/Fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fuzzer</span></a> <a href="https://mastodon.social/tags/Fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fuzzing</span></a> <a href="https://mastodon.social/tags/JIT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JIT</span></a></p>
danzin<p>Trying real hard to build a fuzzer targeting the CPython JIT, lots of features implemented but not a single crash or bug discovered so far.</p><p>Such is life when hunting for crashes in robust code.</p><p>This weekend I'll be spinning off a new fuzzer that grew from fusil. Wish me luck 🙂</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/JIT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>JIT</span></a> <a href="https://mastodon.social/tags/Fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fuzzer</span></a> <a href="https://mastodon.social/tags/Fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fuzzing</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a> <a href="https://mastodon.social/tags/lafleur" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lafleur</span></a></p>
Advanced Fuzzing League<p>AFL++ v4.33c released! Instrumentation of hidden edges (+5% edges), better syncing, corner case features, bug fixes :-) <a href="https://github.com/AFLplusplus/AFLplusplus/releases/tag/v4.33c" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/AFLplusplus/AFLplus</span><span class="invisible">plus/releases/tag/v4.33c</span></a> <a href="https://infosec.exchange/tags/afl" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>afl</span></a> <a href="https://infosec.exchange/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://infosec.exchange/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a></p>
danzin<p>So, what's next for fuzzing CPython with fusil?</p><p>The results point to interesting future ideas, including expanding fuzzing to new environments like subinterpreters, using more tools like Thread Sanitizer, and developing more advanced fuzzing techniques.</p><p>A huge thank you to everyone who contributed!</p><p>And thank you for reading!</p><p>P.S.: if you have a C/Rust extension, we can fuzz it too: <a href="https://mastodon.social/@danzin/114383188014599269" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mastodon.social/@danzin/114383</span><span class="invisible">188014599269</span></a></p><p>(5/5)</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a></p>
danzin<p>One finding I really like is the bug discovery pattern.</p><p>There wasn't a steady stream of bugs, but spikes of findings: 1st, a huge number of crashes as I started testing a CPython that hadn't been fuzzed by fusil in a decade.</p><p>Later, a new wave of issues tied to the addition of new features to the fuzzer, like support for "weird classes" and typing objects.</p><p>So periodic campaigns may have better cost-benefit than continuous fuzzing.</p><p>(4/5)</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a></p>
danzin<p>The credit for fusil's effective design goes all to Victor Stinner (<span class="h-card" translate="no"><a href="https://mamot.fr/@vstinner" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>vstinner</span></a></span>), who created it nearly two decades ago. It was responsible for finding release blockers way back in 2008. I just contributed a little to revive and enhance it. </p><p>Some enhancements included running generated code in threads and adopting new "interesting" objects and values as inputs, helping to discover more crashes.</p><p>(3/5)</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a></p>
danzin<p>All this was only possible due to the great response from the Python community.</p><p>Thanks to the developers efforts to triage, diagnose, and fix the problems, the campaign became a collaborative effort to improve Python.</p><p>The impact was considerable, mobilizing Core Devs and contributors to create 98 PRs to fix these bugs. The average time to fix an issue was about 20 days, with a median of just five days.</p><p>(2/5)</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a></p>
danzin<p>Happy to share the results of a fuzzing campaign targeting CPython that ran from Oct 2024 to May 2025. Using the fusil fuzzer, the goal was to find crashes and improve CPython's robustness.</p><p>I really like the results we got: the effort uncovered 52 unique crash-related issues. These reports approached 30% of all "type-crash" issues filed during that period. One of the crashes was classified as a Release Blocker, that was a nice result! :)</p><p>(1/5)</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a></p>
danzin<p>So, my technical report on fuzzing CPython with fusil is almost done.</p><p>I'd really appreciate some help categorizing the found issues by relevance/severity/importance or any other name for impact.</p><p>Do you have the chops to help with that? And do you have time and interest? Please get in touch if so! And please boost if you can :)</p><p>A plot, some tables, links to the report and some discussion are available in this thread:</p><p><a href="https://discuss.python.org/t/feedback-on-the-recent-fusil-fuzzing-campaign-of-cpython/91737" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discuss.python.org/t/feedback-</span><span class="invisible">on-the-recent-fusil-fuzzing-campaign-of-cpython/91737</span></a></p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a></p>
Hacker News<p>Fuzzer Blind Spots (Meet Jepsen)</p><p><a href="https://tigerbeetle.com/blog/2025-06-06-fuzzer-blind-spots-meet-jepsen/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">tigerbeetle.com/blog/2025-06-0</span><span class="invisible">6-fuzzer-blind-spots-meet-jepsen/</span></a></p><p><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/Fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fuzzer</span></a> <a href="https://mastodon.social/tags/Blind" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Blind</span></a> <a href="https://mastodon.social/tags/Spots" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Spots</span></a> <a href="https://mastodon.social/tags/Jepsen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Jepsen</span></a> <a href="https://mastodon.social/tags/SoftwareTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareTesting</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/TechInsights" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechInsights</span></a></p>
stf<p>reading this: <a href="https://lolcads.github.io/posts/2025/05/high_performance_network_fuzzing/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lolcads.github.io/posts/2025/0</span><span class="invisible">5/high_performance_network_fuzzing/</span></a></p><p>i was wondering, if anyone ever made a BNF-based <a href="https://chaos.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a>? and how did that go?</p>
danzin<p>Trying to gather feedback/opinions, especially from <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a> Core Developers, on the recent <a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> campaign using <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a>.</p><p><a href="https://discuss.python.org/t/feedback-on-the-recent-fusil-fuzzing-campaign-of-cpython/91737" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discuss.python.org/t/feedback-</span><span class="invisible">on-the-recent-fusil-fuzzing-campaign-of-cpython/91737</span></a></p><p>I'm writing a little tech report on the effort, and having some data about whether it's considered useful, a nuisance, impactful, low value etc. would make it much more interesting.</p><p>Please boost for visibility :)</p><p><a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a></p>
Dave Muth<p>Now that I'm meeting more Furries, how shall I address them in formal situations? Your Fuzzier and Fuzziest? (Asking for a friend.) ...And...is it true that Hell hath no Furrie as a <a href="https://mas.to/tags/Fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fuzzer</span></a> scorned? (Thanks in advance. Asking for a different, stupid friend.)</p><p><a href="https://mas.to/tags/Furry" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Furry</span></a> <a href="https://mas.to/tags/Furries" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Furries</span></a> <a href="https://mas.to/tags/Fuzzy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fuzzy</span></a></p>
danzin<p>Do you maintain or contribute to a <a href="https://mastodon.social/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> package that includes a C extension? Would you like to run a fuzzer against it?</p><p>If so, let me know and I will run it, or help you to get it running. </p><p>The fuzzer is <a href="https://mastodon.social/tags/fusil" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fusil</span></a>, which generates random code calling into your functions and methods. It's useful to check for crashes on invalid inputs or unexpected call patterns.</p><p>It has found about 50 crashes in <a href="https://mastodon.social/tags/CPython" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPython</span></a>, 20 in <a href="https://mastodon.social/tags/PyPy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PyPy</span></a>, 6 in <a href="https://mastodon.social/tags/Numpy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Numpy</span></a> etc.</p><p><a href="https://mastodon.social/tags/fuzzing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzing</span></a> <a href="https://mastodon.social/tags/fuzzer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fuzzer</span></a> <a href="https://mastodon.social/tags/testing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>testing</span></a><br>See here:<br><a href="https://github.com/devdanzin/fusil/issues/37" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/devdanzin/fusil/iss</span><span class="invisible">ues/37</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload